Firm explains but security folk not appy with clarifications Weird things are afoot with NordVPN’s app and the traffic it generates – Reg readers have spotted it contacting strange domains in the same way compromised machines talk to botnets’ command-and-control servers.…
Read this article:
There’s NordVPN odd about this, right? Infosec types concerned over strange app traffic
DDoS attacks continue to be an effective means to distract and confuse security teams while inflicting serious damage to brands, according to Neustar. Also, when comparing Q1 2019 vs. Q1 2018, the company has registered a 200 percent increase of attacks on directly provisioned customers. Report findings The largest attack size observed by them in Q1 2019 was 587 Gbps in volume, and the longest duration for a single attack was nearly a day and … More ? The post The latest DDoS attacks are mostly multi-vector and morph over time appeared first on Help Net Security .
View article:
The latest DDoS attacks are mostly multi-vector and morph over time
There is a direct correlation between cryptocurrency and DDoS attacks. As the price of cryptocurrency dropped in 2018, leading to decreased profits from cryptomining, hackers on the black market began to divert prime botnet resources to DDoS attack activities, which increased month by month. DDoS attacks in 2018 In NSFOCUS’ 2018 DDoS Attack Landscape report, NSFOCUS analyzed the threat landscape after a landmark year of technological growth related to cloud computing, big data, artificial intelligence … More ? The post The correlation between DDoS attacks and cryptomining appeared first on Help Net Security .
iovation, a TransUnion company, released a series of updates to its online fraud prevention and authentication products. The additions increase security for businesses and reduce friction for consumers with features like email and phone number verification, botnet detection, streamlined de-registration of a device used for authentication, and more customization and context insight for authentication requests. The enhanced identification and removal of threats, coupled with increased trust of good consumer devices, advances iovation’s capabilities to use … More ? The post iovation provides new ways to stop fraud without inconveniencing good customers appeared first on Help Net Security .
Read More:
iovation provides new ways to stop fraud without inconveniencing good customers
Chinese kit slinger was told of UPnP flaw in 2013, didn’t do too much about it Exclusive Huawei bungled its response to warnings from an ISP’s code review team about a security vulnerability common across its home routers – patching only a subset of the devices rather than all of its products that used the flawed firmware.…
Read More:
Huawei bungled router security, leaving kit open to botnets, despite alert from ISP years prior
ISP alerted biz to UPnP flaw in 2013. Years later, same flaw kept cropping up Exclusive Huawei bungled its response to warnings from an ISP’s code review team about a security vulnerability common across its home routers – patching only two models rather than all of its products that used the same flawed firmware.…
Continue Reading:
Huawei’s half-arsed router patching left kit open to botnets: Chinese giant was warned years ago – then bungled it
The FBI’s shutdown of the 15 largest distributed denial-of-service (DDoS) for hire vendors (booters) reduced the overall number of attacks worldwide by nearly 11 percent compared to the same period last year. Along with the fewer total attacks, the average size decreased by 85 percent as did the maximum attack size by 24 percent, indicating the FBI crackdown was effective in reducing the global impact of DDoS attacks. However, booter websites are poised to make … More ? The post Average DDoS attack sizes decrease 85% due to FBI’s shutdown of DDoS-for-hire websites appeared first on Help Net Security .
Read more here:
Average DDoS attack sizes decrease 85% due to FBI’s shutdown of DDoS-for-hire websites
Applied Risk ICS Security Consultant Tom Westenberg discovered a DoS vulnerability in an emulated version of the Triconex TriStation Software Suite. Triconex is a Schneider Electric brand which supplies systems and products in regards to critical control and industrial safety-shutdown technology. The Triconex Emulator is software that allows users to emulate and execute TriStation 1131 applications without connecting to a Tricon, Trident, or Tri-GP controller. Using the Emulator, users can test applications in an offline … More ? The post Denial of Service vulnerability discovered in Triconex TriStation Software Suite Emulator appeared first on Help Net Security .
Link:
Denial of Service vulnerability discovered in Triconex TriStation Software Suite Emulator
Fed bust of massive attack network caused traffic loads to plummet in Q4 The FBI’s takedown of a group of prolific DDoS-for-hire websites has single-handedly helped to drop attack levels globally.…
More:
Silence of the WANs: FBI DDoS-for-hire greaseball takedowns slash web flood attacks ‘by 11%’
IoT devices in synchronised attacks on targets represent a growing part of global Distributed Denial of Service (DDoS) weapon arsenals. There is a significant potential for attackers to use an IoT-related protocol, the Constrained Application Protocol (CoAP), deployed on IoT devices to marshal attacks. The A10 Networks report on the state of DDoS weapons in the first quarter of 2019 examines the types of weapons and attacks being used and where they are coming from. … More ? The post IoT devices using CoAP increasingly used in DDoS attacks appeared first on Help Net Security .
Continued here:
IoT devices using CoAP increasingly used in DDoS attacks